daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

87 New Templates

patch-1
Dhiyaneshwaran 2023-07-14 17:12:53 +05:30
parent 94e368ccb9
commit 7749c999e0
87 changed files with 1978 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
file/keys/beamer-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: beamer-api-token
info:
name: Beamer API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.go
metadata:
verified: true
tags: beamer,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/bitbucket/bitbucket-client-id.yaml Normal file
View File

@ -0,0 +1,22 @@
id: bitbucket-client-id
info:
name: BitBucket Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.go
metadata:
verified: true
tags: bitbucket,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/bitbucket/bitbucket-client-secret.yaml Normal file
View File

@ -0,0 +1,22 @@
id: bitbucket-client-secret
info:
name: BitBucket Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.go
metadata:
verified: true
tags: bitbucket,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/bittrex/bittrex-access-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: bittrex-access-key
info:
name: Bittrex Access Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.go
metadata:
verified: true
tags: bittrex,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/bittrex/bittrex-secret-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: bittrex-secret-key
info:
name: Bittrex Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.go
metadata:
verified: true
tags: bittrex,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/clojars-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: clojars-api-token
info:
name: Clojars API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.go
metadata:
verified: true
tags: clojars,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(CLOJARS_)[a-z0-9]{60}

22
file/keys/codecov-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: codecov-access-token
info:
name: Codecov Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.go
metadata:
verified: true
tags: codecov,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/coinbase-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: coinbase-access-token
info:
name: Coinbase Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.go
metadata:
verified: true
tags: coinbase,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/confluent/confluent-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: confluent-access-token
info:
name: Confluent Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.go
metadata:
verified: true
tags: confluent,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/confluent/confluent-secret-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: confluent-secret-token
info:
name: Confluent Secret Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.go
metadata:
verified: true
tags: confluent,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/contentful-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: contentful-api-token
info:
name: Contentful Delivery API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.go
metadata:
verified: true
tags: contentful,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/databricks-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: databricks-api-token
info:
name: Databricks API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.go
metadata:
verified: true
tags: databricks,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/datadog-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: datadog-access-token
info:
name: Datadog Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.go
metadata:
verified: true
tags: datadog,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/discord/discord-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: discord-api-token
info:
name: Discord API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.go
metadata:
verified: true
tags: discord,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/discord/discord-cilent-secret.yaml Normal file
View File

@ -0,0 +1,22 @@
id: discord-client-secret
info:
name: Discord Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.go
metadata:
verified: true
tags: discord,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/discord/discord-client-id.yaml Normal file
View File

@ -0,0 +1,22 @@
id: discord-client-id
info:
name: Discord Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.go
metadata:
verified: true
tags: discord,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/doppler-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: doppler-api-token
info:
name: Doppler API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.go
metadata:
verified: true
tags: doppler,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (dp\.pt\.)(?i)[a-z0-9]{43}

22
file/keys/droneci-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: droneci-access-token
info:
name: Droneci Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.go
metadata:
verified: true
tags: droneci,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/dropbox/dropbox-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: dropbox-api-token
info:
name: Dropbox API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.go
metadata:
verified: true
tags: dropbox,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/dropbox/dropbox-longlived-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: dropbox-longlived-token
info:
name: Dropbox Long Lived API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.go
metadata:
verified: true
tags: dropbox,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/dropbox/dropbox-shortlived-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: dropbox-shortlived-token
info:
name: Dropbox Short Lived API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.go
metadata:
verified: true
tags: dropbox,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/duffel-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: duffel-api-token
info:
name: Duffel API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.go
metadata:
verified: true
tags: duffel,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- duffel_(test|live)_(?i)[a-z0-9_\-=]{43}

22
file/keys/easypost/easypost-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: easypost-api-token
info:
name: Easypost Test API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.yaml
metadata:
verified: true
tags: easypost,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- EZAK(?i)[a-z0-9]{54}

22
file/keys/easypost/easypost-test-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: easypost-test-token
info:
name: Easypost Test API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.yaml
metadata:
verified: true
tags: easypost,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- EZTK(?i)[a-z0-9]{54}

22
file/keys/etsy-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: etsy-access-token
info:
name: Etsy Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.go
metadata:
verified: true
tags: etsy,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/facebook/facebook-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: facebook-api-token
info:
name: Facebook API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.go
metadata:
verified: true
tags: facebook,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/fastly-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: fastly-api-token
info:
name: Fastly API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.go
metadata:
verified: true
tags: fastly,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/finicity/finicity-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: finicity-api-token
info:
name: Finicity API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.go
metadata:
verified: true
tags: finicity,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/finicity/finicity-client-secret.yaml Normal file
View File

@ -0,0 +1,22 @@
id: finicity-client-secret
info:
name: Finicity Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.go
metadata:
verified: true
tags: finicity,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/finnhub-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: finnhub-access-token
info:
name: Finnhub Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.go
metadata:
verified: true
tags: finnhub,file,token
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/flickr-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: flickr-access-token
info:
name: Flickr Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.go
metadata:
verified: true
tags: flickr,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/flutter/flutterwave-encryption-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: flutterwave-encryption-key
info:
name: Flutterwave Encryption Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.go
metadata:
verified: true
tags: flutter,file,keys,flutterwave
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- FLWSECK_TEST-(?i)[a-h0-9]{12}

22
file/keys/flutter/flutterwave-public-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: flutterwave-public-key
info:
name: Flutterwave Public Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.yaml
metadata:
verified: true
tags: flutter,file,keys,flutterwave
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- FLWPUBK_TEST-(?i)[a-h0-9]{32}-X

22
file/keys/flutter/flutterwave-secret-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: flutterwave-secret-key
info:
name: Flutterwave Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.go
metadata:
verified: true
tags: flutter,file,keys,flutterwave
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- FLWSECK_TEST-(?i)[a-h0-9]{32}-X

22
file/keys/frameio-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: frameio-api-token
info:
name: Frameio API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.go
metadata:
verified: true
tags: frameio,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- fio-u-(?i)[a-z0-9\-_=]{64}

22
file/keys/freshbooks-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: freshbooks-access-token
info:
name: Freshbooks Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.go
metadata:
verified: true
tags: freshbooks,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- fio-u-(?i)[a-z0-9\-_=]{64}

22
file/keys/gitter-access-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: gitter-access-token
info:
name: Gitter Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.go
metadata:
verified: true
tags: gitter,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/gocardless-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: gocardless-api-token
info:
name: Gocardless API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.go
metadata:
verified: true
tags: gocardless,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/grafana/grafana-api-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: grafana-api-key
info:
name: Grafana API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.go
metadata:
verified: true
tags: grafana,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/grafana/grafana-cloud-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: grafana-cloud-api-token
info:
name: Grafana Cloud API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.go
metadata:
verified: true
tags: grafana,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/grafana/grafana-service-account-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: grafana-service-account-token
info:
name: Grafana Service Account Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.go
metadata:
verified: true
tags: grafana,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)

22
file/keys/hashicorp-api-token.yaml Normal file
View File

@ -0,0 +1,22 @@
id: hashicorp-api-token
info:
name: Hashicorp API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.go
metadata:
verified: true
tags: hashicorp,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}

22
file/keys/zendesk-secret-key.yaml Normal file
View File

@ -0,0 +1,22 @@
id: zendesk-secret-key
info:
name: Zendesk Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.go
metadata:
verified: true
tags: zendesk,file,keys
file:
- extensions:
- all
extractors:
- type: regex
part: body
regex:
- (?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

0
http/exposures/tokens/atlassian-token.yaml → http/exposures/tokens/atlassian/atlassian-token.yaml
View File

24
http/exposures/tokens/beamer/beamer-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: beamer-token
info:
name: Beamer API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.go
metadata:
max-request: 1
verified: true
tags: beamer,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/bitbucket/bitbucket-clientid.yaml Normal file
View File

@ -0,0 +1,24 @@
id: bitbucket-clientid
info:
name: BitBucket Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.go
metadata:
max-request: 1
verified: true
tags: bitbucket,exposure,tokens,clientid
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/bitbucket/bitbucket-clientsecret.yaml Normal file
View File

@ -0,0 +1,24 @@
id: bitbucket-clientsecret
info:
name: BitBucket Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.go
metadata:
max-request: 1
verified: true
tags: bitbucket,exposure,tokens,secret
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/bittrex/bittrex-accesskey.yaml Normal file
View File

@ -0,0 +1,24 @@
id: bittrex-accesskey
info:
name: Bittrex Access Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.go
metadata:
max-request: 1
verified: true
tags: bittrex,exposure,tokens,accesskey
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/bittrex/bittrex-secretkey.yaml Normal file
View File

@ -0,0 +1,24 @@
id: bittrex-secretkey
info:
name: Bittrex Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.go
metadata:
max-request: 1
verified: true
tags: bittrex,exposure,tokens,secretkey
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/clojars/clojars-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: clojars-token
info:
name: Clojars Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.go
metadata:
max-request: 1
verified: true
tags: clojars,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(CLOJARS_)[a-z0-9]{60}

24
http/exposures/tokens/codecov/codecov-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: codecov-accesstoken
info:
name: Codecov Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.go
metadata:
max-request: 1
verified: true
tags: codecov,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/coinbase/coinbase-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: coinbase-accesstoken
info:
name: Coinbase Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.go
metadata:
max-request: 1
verified: true
tags: coinbase,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/confluent/confluent-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: confluent-accesstoken
info:
name: Confluent Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.go
metadata:
max-request: 1
verified: true
tags: confluent,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/confluent/confluent-secretkey.yaml Normal file
View File

@ -0,0 +1,24 @@
id: confluent-secretkey
info:
name: Confluent Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.go
metadata:
max-request: 1
verified: true
tags: confluent,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/contentful/contentful-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: contentful-token
info:
name: Contentful Delivery API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.go
metadata:
max-request: 1
verified: true
tags: contentful,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/databricks/databricks-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: databricks-token
info:
name: Databricks API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.go
metadata:
max-request: 1
verified: true
tags: databricks,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/datadog/datadog-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: datadog-accesstoken
info:
name: Datadog Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.go
metadata:
max-request: 1
verified: true
tags: datadog,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/discord/discord-clientid.yaml Normal file
View File

@ -0,0 +1,24 @@
id: discord-clientid
info:
name: Discord Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.go
metadata:
max-request: 1
verified: true
tags: discord,exposure,tokens,clientid
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/discord/discord-clientsecret.yaml Normal file
View File

@ -0,0 +1,24 @@
id: discord-clientsecret
info:
name: Discord Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.go
metadata:
max-request: 1
verified: true
tags: discord,exposure,tokens,clientid
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/discord/discord-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: discord-token
info:
name: Discord API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.go
metadata:
max-request: 1
verified: true
tags: discord,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/doppler/doppler-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: doppler-token
info:
name: Doppler API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.go
metadata:
max-request: 1
verified: true
tags: doppler,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (dp\.pt\.)(?i)[a-z0-9]{43}

24
http/exposures/tokens/droneci/droneci-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: droneci-accesstoken
info:
name: Droneci Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.go
metadata:
max-request: 1
verified: true
tags: droneci,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/dropbox/dropbox-long-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: dropbox-long-token
info:
name: Dropbox Long Lived API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.go
metadata:
max-request: 1
verified: true
tags: dropbox,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/dropbox/dropbox-short-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: dropbox-short-token
info:
name: Dropbox Short Lived API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.go
metadata:
max-request: 1
verified: true
tags: dropbox,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/dropbox/dropbox-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: dropbox-token
info:
name: Dropbox API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.go
metadata:
max-request: 1
verified: true
tags: dropbox,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/duffel/duffel-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: duffel-token
info:
name: Duffel API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.go
metadata:
max-request: 1
verified: true
tags: duffel,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- duffel_(test|live)_(?i)[a-z0-9_\-=]{43}

24
http/exposures/tokens/easypost/easypost-testtoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: easypost-testtoken
info:
name: Easypost Test API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.yaml
metadata:
max-request: 1
verified: true
tags: easypost,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- EZTK(?i)[a-z0-9]{54}

24
http/exposures/tokens/easypost/easypost-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: easypost-token
info:
name: Easypost API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.go
metadata:
max-request: 1
verified: true
tags: easypost,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- EZAK(?i)[a-z0-9]{54}

24
http/exposures/tokens/etsy/etsy-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: etsy-accesstoken
info:
name: Etsy Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.go
metadata:
max-request: 1
verified: true
tags: etsy,exposure,tokens,accesskey
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/facebook/facebook-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: facebook-token
info:
name: Facebook API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.go
metadata:
max-request: 1
verified: true
tags: facebook,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/fastly/fastly-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: fastly-token
info:
name: Fastly API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.go
metadata:
max-request: 1
verified: true
tags: fastly,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/finicity/finicity-clientsecret.yaml Normal file
View File

@ -0,0 +1,24 @@
id: finicity-clientsecret
info:
name: Finicity Client Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.go
metadata:
max-request: 1
verified: true
tags: finicity,file,token
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/finicity/finicity-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: finicity-token
info:
name: Finicity API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.go
metadata:
max-request: 1
verified: true
tags: finicity,file,token
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/finnhub/finnhub-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: finnhub-accesstoken
info:
name: finnhub Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.yaml
metadata:
max-request: 1
verified: true
tags: finnhub,file,token
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/flickr/flickr-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: flickr-accesstoken
info:
name: Flickr Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.go
metadata:
max-request: 1
verified: true
tags: flickr,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/flutter/flutterwave-encryptionkey.yaml Normal file
View File

@ -0,0 +1,24 @@
id: flutterwave-encryptionkey
info:
name: Flutterwave Encryption Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.go
metadata:
max-request: 1
verified: true
tags: flutterwave,exposure,tokens,encryption
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- FLWSECK_TEST-(?i)[a-h0-9]{12}

24
http/exposures/tokens/flutter/flutterwave-publickey.yaml Normal file
View File

@ -0,0 +1,24 @@
id: flutterwave-publickey
info:
name: Flutterwave Public Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.yaml
metadata:
max-request: 1
verified: true
tags: flutterwave,exposure,tokens,publickey
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- FLWPUBK_TEST-(?i)[a-h0-9]{32}-X

24
http/exposures/tokens/flutter/flutterwave-secretkey.yaml Normal file
View File

@ -0,0 +1,24 @@
id: flutterwave-secretkey
info:
name: Flutterwave Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.go
metadata:
max-request: 1
verified: true
tags: flutterwave,exposure,tokens,secretkey
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- FLWSECK_TEST-(?i)[a-h0-9]{32}-X

24
http/exposures/tokens/frameio/frameio-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: frameio-token
info:
name: Frameio API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.go
metadata:
max-request: 1
verified: true
tags: frameio,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- fio-u-(?i)[a-z0-9\-_=]{64}

24
http/exposures/tokens/freshbooks/freshbooks-accesstoken.yaml Normal file
View File

@ -0,0 +1,24 @@
id: freshbooks-accesstoken
info:
name: Freshbooks Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.go
metadata:
max-request: 1
verified: true
tags: freshbooks,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/gitter/gitter-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: gitter-token
info:
name: Gitter Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.go
metadata:
max-request: 1
verified: true
tags: gitter,file,keys
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/gocardless/gocardless-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: gocardless-token
info:
name: Gocardless API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.go
metadata:
max-request: 1
verified: true
tags: gocardless,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/grafana/grafana-cloud-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: grafana-cloud-token
info:
name: Grafana Cloud API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.go
metadata:
max-request: 1
verified: true
tags: grafana,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/grafana/grafana-key.yaml Normal file
View File

@ -0,0 +1,24 @@
id: grafana-key
info:
name: Grafana API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.go
metadata:
max-request: 1
verified: true
tags: grafana,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: grafana-serviceaccount-token
info:
name: Grafana Service Account Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.go
metadata:
max-request: 1
verified: true
tags: grafana,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)

24
http/exposures/tokens/hashicorp/hashicorp-token.yaml Normal file
View File

@ -0,0 +1,24 @@
id: hashicorp-token
info:
name: Hashicorp API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.go
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml
metadata:
max-request: 1
verified: true
tags: hashicorp,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}

24
http/exposures/tokens/zendesk/zendesk-key.yaml Normal file
View File

@ -0,0 +1,24 @@
id: zendesk-key
info:
name: Zendesk Secret Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.yaml
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.go
metadata:
max-request: 1
verified: true
tags: zendesk,exposure,tokens
http:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- (?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)